Test ID:	1.3.6.1.4.1.25623.1.0.844556
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory for net-snmp (USN-4471-2)
Summary:	The remote host is missing an update for the 'net-snmp'; package(s) announced via the USN-4471-2 advisory.
Description:	Summary: The remote host is missing an update for the 'net-snmp' package(s) announced via the USN-4471-2 advisory. Vulnerability Insight: USN-4471-1 fixed a vulnerability in Net-SNMP. The updated introduced a regression making nsExtendCacheTime not settable. This update fixes the problem adding the cacheTime feature flag. Original advisory details: Tobias Neitzel discovered that Net-SNMP incorrectly handled certain symlinks. An attacker could possibly use this issue to access sensitive information. (CVE-2020-15861) It was discovered that Net-SNMP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-15862) Affected Software/OS: 'net-snmp' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-15861 Common Vulnerability Exposure (CVE) ID: CVE-2020-15862
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.